ModAssistant[.]exe | Triage

Sharing

General

Target

ModAssistant.exe
Size

983KB
MD5

85db93f5c82c2b00532a12a907d789aa
SHA1

364bc37d7c64952b48ed57f816a29866aae7bdc5
SHA256

30e9743aab4b01764bf7b2e2d165a9c16cadade5b99ed59f112a47c04028cdff
SHA512

3289aa4fa798673bfd157b2e5702b74a3176032aa1dd64a2828fca62271641b5d2403151722054bc360252af04c67b9984fb2f6d3ecaec9332e6924426e4a3c2
SSDEEP

12288:CHHUaJeQJTUt5ndBU6k1IYg17V8yoRkIoTKrtxeMfgFb7jteYx3QI6x0u+AcGKrt:CHEZAoESMmb7A2U03AcGE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ModAssistant.exe

Files

ModAssistant.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

D:\a\ModAssistant\ModAssistant\ModAssistant\obj\Release\ModAssistant.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 858KB - Virtual size: 858KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 123KB - Virtual size: 123KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ